This mail is an automated notification from the patch tracker
of the project: The GNU Hurd.
/**************************************************************************/
[patch #3347] Latest Modifications:
Changes by:
Neal H. Walfield <[EMAIL PROTECTED]>
Date: Fri 12/03/04 at 09:20 (GMT)
What | Removed | Added
---------------------------------------------------------------------------
Resolution | None | Applied
Status | Open | Closed
/**************************************************************************/
[patch #3347] Full Item Snapshot:
URL: <http://savannah.gnu.org/patch/?func=detailitem&item_id=3347>
Project: The GNU Hurd
Submitted by: Neal H. Walfield
On: Tue 09/07/04 at 15:10
Category: GNU Mach
Priority: 7 - High
Resolution: Applied
Privacy: Public
Assigned to: None
Originator Email:
Status: Closed
Summary: Double free and memory loss probing partition table
Original Submission: While GNU Mach reads the partition table, the second
assert in linux/dev/glue:free_pages is triggered. This particular assert
checks for double frees.

I have traced the problem back to getblk and __brelse: if linux_auto_config
is true (which it is when partitions are being probed), a static buffer
is used to hold the BH structure. If getblk is called a second time
(i.e. before the first block is released), the buffer is overridden.
This results in a double free, a memory leak (as the buffer in the
first BH is never released) and a consistency problem as code which
uses the first buffer will now see different data. This is the case
in linux/dev/drivers/block/genhd.c:msdos_partition which calls bread
then, before freeing the block, calls extended_partition which also
calls bread. In reality, there is no reason to not use kalloc and
kfree here. In kern/startup.c:setup_main, we see that vm_mem_bootstrap,
which calls kmem_init, is called long before
linux/dev/init/main.c:linux_init is invoked by
i386/i386at/machine_init:machine_init.

The attached patch changes getblk and __brelse to always use kalloc
and kfree and adds asserts to kern/kalloc.c to make sure that kalloc,
kfree and kget are only called after kmem_init has been called.
Apply the patch using -p0
ChangeLog:
2004-09-07  Neal H. Walfield  <[EMAIL PROTECTED]>

        * linux/dev/glue/block.c (__brelse): Unconditionally kfree BH.
        (getblk): Unconditionally kalloc BH.
        * kern/kalloc.c [!NDEBUG] (kalloc_init_called): New static
        variable.
        (kalloc_init): Assert that kalloc_init_called is zero.
        [! NDEBUG] Set kalloc_init_called to 1 on success.
        (kalloc): Assert that kalloc_init_called is non-zero.
        (kget): Likewise.
        (kfree): Likewise.
File Attachments
-------------------
-------------------------------------------------------
Date: Tue 09/07/04 at 15:10 Name: double-free.diff Size: 3.18KB By: neal
http://savannah.gnu.org/patch/download.php?item_id=3347&item_file_id=3647
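Added illustration (not part of the tracker item and not GNU Mach code): a
constructed C model of the failure the submission describes. It reproduces
the static-BH reuse under linux_auto_config with the nested
msdos_partition -> extended_partition bread pattern, counts the leaked
buffer and the double free that the free_pages assert would catch, and
places the patched always-kalloc/kfree variant beside it together with the
kalloc_init_called guard. The pool, the names getblk_old/getblk_new,
brelse_old/brelse_new, probe and run, and the block and pool sizes are all
assumptions of this model, not identifiers from the patch.

```c
#include <assert.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>

/* Constructed model of patch #3347's bug; sizes are arbitrary. */
#define BLOCK_SIZE 512
#define POOL_SLOTS 8

struct buffer_head {            /* stand-in for the Linux glue's BH */
    unsigned long b_blocknr;
    char *b_data;
};

/* Tiny page pool: free_data records a double free instead of asserting,
 * so the outcome can be inspected (the real free_pages asserts). */
static char pool[POOL_SLOTS][BLOCK_SIZE];
static bool pool_in_use[POOL_SLOTS];
static int double_frees;

static char *alloc_data(void)
{
    for (int i = 0; i < POOL_SLOTS; i++)
        if (!pool_in_use[i]) { pool_in_use[i] = true; return pool[i]; }
    abort();                                  /* pool exhausted */
}

static void free_data(char *p)
{
    for (int i = 0; i < POOL_SLOTS; i++) {
        if (p != pool[i]) continue;
        if (!pool_in_use[i]) double_frees++;  /* the "second assert" */
        pool_in_use[i] = false;
        return;
    }
    abort();                                  /* not a pool buffer */
}

static int leaked_buffers(void)
{
    int n = 0;
    for (int i = 0; i < POOL_SLOTS; i++) n += pool_in_use[i];
    return n;
}

/* The patch's kalloc_init_called guard, modelled after kern/kalloc.c. */
static int kalloc_init_called;
static void kalloc_init(void) { assert(kalloc_init_called == 0); kalloc_init_called = 1; }
static void *kalloc(size_t n) { assert(kalloc_init_called); return malloc(n); }
static void kfree(void *p)    { assert(kalloc_init_called); free(p); }

static bool linux_auto_config;          /* true while partitions are probed */
static struct buffer_head bh_static;    /* the single static BH of the old code */

/* Old behaviour: one static BH under auto-config, kalloc otherwise. */
static struct buffer_head *getblk_old(unsigned long block)
{
    struct buffer_head *bh = linux_auto_config ? &bh_static : kalloc(sizeof *bh);
    bh->b_blocknr = block;
    bh->b_data = alloc_data();
    return bh;
}
static void brelse_old(struct buffer_head *bh)
{
    free_data(bh->b_data);
    if (!linux_auto_config) kfree(bh);
}

/* Patched behaviour: always kalloc and kfree the BH. */
static struct buffer_head *getblk_new(unsigned long block)
{
    struct buffer_head *bh = kalloc(sizeof *bh);
    bh->b_blocknr = block;
    bh->b_data = alloc_data();
    return bh;
}
static void brelse_new(struct buffer_head *bh) { free_data(bh->b_data); kfree(bh); }

/* msdos_partition -> extended_partition: a second bread before the first
 * block is released. Returns true if the outer BH still describes block 0. */
static bool probe(struct buffer_head *(*getblk)(unsigned long),
                  void (*brelse)(struct buffer_head *))
{
    struct buffer_head *outer = getblk(0);
    char *outer_data = outer->b_data;
    struct buffer_head *inner = getblk(1);          /* extended_partition */
    brelse(inner);
    bool consistent = outer->b_blocknr == 0 && outer->b_data == outer_data;
    brelse(outer);
    return consistent;
}

struct outcome { bool consistent; int leaked; int double_frees; };

static struct outcome run(bool patched)
{
    if (!kalloc_init_called) kalloc_init();   /* kmem_init precedes linux_init */
    for (int i = 0; i < POOL_SLOTS; i++) pool_in_use[i] = false;
    double_frees = 0;
    linux_auto_config = true;
    struct outcome o;
    o.consistent = patched ? probe(getblk_new, brelse_new) : probe(getblk_old, brelse_old);
    o.leaked = leaked_buffers();
    o.double_frees = double_frees;
    return o;
}

int main(void)
{
    struct outcome o = run(false), n = run(true);
    printf("old:   consistent=%d leaked=%d double_frees=%d\n", o.consistent, o.leaked, o.double_frees);
    printf("fixed: consistent=%d leaked=%d double_frees=%d\n", n.consistent, n.leaked, n.double_frees);
    return 0;
}
```

The old path shows all three symptoms from the report at once: block 0's
data buffer is never released (leak), block 1's buffer is released twice
(double free), and the outer BH now reports block 1. The patched path
releases exactly what it allocated and the outer BH is untouched.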
For detailed info, follow this link:
<http://savannah.gnu.org/patch/?func=detailitem&item_id=3347>
_______________________________________________
Message sent via/by Savannah
http://savannah.gnu.org/
_______________________________________________
Bug-hurd mailing list
[EMAIL PROTECTED]
http://lists.gnu.org/mailman/listinfo/bug-hurd